So I often have to ‘break’ into VMs when migrating them. I put the word break into quotation marks because I’m doing it for the company… Which leads me to this post: I wanted to show you how I go about resetting a Windows password with Kali Linux.
This should only be done ethically and legally!
What I mean by that is, make sure you have the right to access the machine and have approval from the owner to reset the password. Fun times ahead!
I’ve also written this on Medium.com.
Why?
What do you mean why? It’s fairly simple!
This most often comes up for me if a user has forgotten the password. Most commonly, because they haven’t used the system for a while, or they have an auto-complete function which fails once the system has been migrated to a new host.
Why use Kali Linux? Well, because it is the most robust method I’ve found for quickly resetting Windows passwords. It has a nice built-in utility for this, along with a bunch of other Windows tools.
You can also reset Windows passwords using the Windows installer, or by using Ubuntu. However, both of those methods have their own downsides which make Kali my favourite.
Let’s hop in!🦘
Resetting Windows Password With Kali Linux
First, mount the Kali Linux live boot ISO to the VM. I’ll be using 2021.2-live-amd64, just in case you cared.
In the boot menu for the VM, choose to boot from the CD Drive. For example, this is what it looks like with a VMware machine:
When you see the Kali Linux live menu, boot using the Live (Forensic Mode):
Once loaded, open the File Manager, find the Windows boot drive in the left side of the menu and navigate to /Windows/system32/config:
Open a terminal inside that folder by right-clicking in the empty space:
Inside the terminal, type the following command:
chntpw -l SAM
This will show all the users that Kali Linux has found on the Windows install.
I want to reset the built-in Administrator account, so feel free to update the command I use below:
chntpw -u Administrator SAM
- Select Option 1
- Once complete, press ‘q’ to exit
- Finally, press ‘y’ to save the changes
You can now reboot the server back into Windows and the Administrator password will be blank.
Make sure to add a new password to the Administrator account and to unmount the Kali Linux live ISO from the VM!
Potential Issue
You might run into an error stating that the Windows drive has been mounted in read-only mode.
To fix this, you can often run:
lsblk
From this, find the sda number or ID for the Windows install. For me, it was sda4. Once you have that, you can run the below command, making sure to use your sda number:
sudo ntfsfix /dev/sda4
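To confirm which Windows partition is actually mounted read-only before running ntfsfix, the mount table can be checked directly. The script below is an added example, not part of the original post: the function names and the sample mount table are constructed for illustration, and it assumes that a fuseblk entry is an NTFS-3G mount.

```shell
#!/bin/sh
# Added example: report whether NTFS volumes are mounted read-only.
# Input: lines in /proc/mounts format
#   device mountpoint fstype options dump pass
# (spaces in mount points are encoded as \040, so fields stay whitespace-separated).
# On a live system: ntfs_mount_state < /proc/mounts

# Print "<device> <mountpoint> <ro|rw>" for every NTFS-type mount.
# Assumption: fuseblk is treated as NTFS-3G (other FUSE block filesystems also use it).
ntfs_mount_state() {
    awk '
    $3 == "ntfs" || $3 == "ntfs3" || $3 == "fuseblk" {
        state = "rw"
        n = split($4, opts, ",")
        # Match "ro" only as a whole option, so values such as
        # "errors=remount-ro" are not mistaken for a read-only mount.
        for (i = 1; i <= n; i++)
            if (opts[i] == "ro") state = "ro"
        print $1, $2, state
    }'
}

# Print only the devices whose NTFS mount is read-only
# (these are the candidates for ntfsfix).
read_only_ntfs() {
    ntfs_mount_state | awk '$3 == "ro" { print $1 }'
}

# Constructed sample mount table (not captured from a real system).
sample_mounts() {
    cat <<'EOF'
/dev/sda2 /boot/efi vfat rw,relatime 0 0
/dev/sda4 /media/kali/Windows fuseblk ro,nosuid,nodev,relatime,user_id=0,group_id=0 0 0
/dev/sdb1 /media/kali/Data ntfs3 rw,relatime,uid=1000 0 0
/dev/sdc1 /mnt/ext ext4 rw,errors=remount-ro 0 0
EOF
}

# Demonstration on the constructed sample.
sample_mounts | ntfs_mount_state
```

If the Windows partition shows up as ro here, changes made by chntpw cannot be saved to the SAM file until the volume is remounted read-write.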
Enjoy! 🎉